[VoiceOps] SS7

Sun Apr 24 08:43:15 EDT 2016

This is not 100% accurate, there are other small STP operators who can
offer you cheaper option ( < $500/month price point) for Sigtran
connectivity. Feel free to contact me off list.

On Sat, Apr 23, 2016 at 2:59 PM, Mary Lou Carey <marylou at backuptelecom.com>
wrote:

> There are really only two large companies that will do SS7 via SigTran and
> they are Syniverse and Neustar (formerly TNSi / Verisign / Illuminet), They
> don't really like to give out their pricing publicly so you have to sign an
> NDA to get it, but I would budget about $1,000 per month to be safe. You
> pay for each ISUP route as well so that price depends on how many routes
> you have.
>
> Are you asking which carriers provide SS7 links or which ones will do the
> host switch product?
>
> Mary Lou Carey
> BackUP Telecom Consulting
> Marylou at backuptelecom.com
> Office: 615-791-9969
> Cell: 615-796-1111
>
>
> On April 23, 2016 at 1:21 PM Erik Flournoy <erik at eespro.com> wrote:
>
> Hey since we're on this topic what's the average cost for SigTran and who
> would you guys recommend? Who actually has SS7 and would be interested in
> interconnecting.
> On Apr 23, 2016 7:21 AM, "Kidd Filby" <kiddfilby at gmail.com> wrote:
>
> ABSOLUTELY!!!!
>
> On Sat, Apr 23, 2016 at 9:28 AM, Hiers, David <David.Hiers at cdk.com> wrote:
>
> People tend forget the existence and benefit of physical and
> administrative security controls until they disable them.  Sure, they are
> an expensive speedbump at times, but you can’t hack what you can’t touch.
>
>
>
>
>
> David
>
>
>
>
>
> *From:* VoiceOps [mailto:voiceops-bounces at voiceops.org] *On Behalf Of *Mike
> Ray, MBA, CNE, CTE
> *Sent:* Friday, April 22, 2016 11:28
> *To:* voiceops at voiceops.org
> *Subject:* Re: [VoiceOps] SS7
>
>
>
> It seems to me that this SS7 vulnerability issue is just the latest result
> of all of the de-regulation that’s been going on for the past… two decades
> or so.  There was a time that you could not buy commercial access to the
> SS7 network; to get that access you had to be a real carrier.  Also, back
> at that time, inter-company SS7 signalling could only occur on established,
> ordered signaling routes where both parties placed an order to open the
> route between them.  Therefore, this would not have been possible back then
> because the carrier would not have ordered a route to the hacker’s point
> code(s) and it therefore would not exist.
>
>
>
> If I am a US local carrier in 2001, I have no need to order a signaling
> route to a German carrier either so even the hacker having full access to a
> German carrier’s network would not compromise my network. (in response to
> the nation-state issue)  To get a call to Germany, I signal to the access
> tandem or IXC switch I’ve chosen to interconnect with in the US and that
> switch signals upstream, etc.
>
>
>
> If we were not on this path of de-regulation where whatever makes
> commercial sense for one company can open up the whole SS7 network to
> un-trusted parties, we likely wouldn’t be here.  At some point, a decision
> was made somewhere to allow this loosy-goosy inter-company signaling over
> the SS7 network between two point codes that would not, under the original
> implementation of SS7, be able to talk to each other in the first place.
>
>
>
> If the drumbeat of “solve everything with IP!” continues, I hope that at
> least it gets solved by establishing something close to what the VPF was
> supposed to be, and not just a general dumping of all voice traffic across
> the internet between carriers.  That certainly wouldn’t bode well for
> reliability or security.
>
>
>
> Mike
>
>
>
> Mike Ray, MBA, CNE, CTE
>
> Astro Companies, LLC
>
> 11523 Palm Brush Trail #401
>
> Lakewood Ranch, FL  34202
>
> DIRECT: call or text 941 600-0207
>
> http://www.astrocompanies.com
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.astrocompanies.com&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=3qAav7xK7z7Y9z78Wz6C13xGAsE6OybjLD3yoSCDCMw&e=>
>
>
>
>
>
>
>
>
>
> *From:* VoiceOps [mailto:voiceops-bounces at voiceops.org
> <voiceops-bounces at voiceops.org>] *On Behalf Of *Dan York
> *Sent:* Thursday, April 21, 2016 3:45 PM
> *To:* Kidd Filby <kiddfilby at gmail.com>
> *Cc:* voiceops at voiceops.org
> *Subject:* Re: [VoiceOps] SS7
>
>
>
> This is generally true if the calls are *unencrypted* on VoIP...
>
>
>
> On Thu, Apr 21, 2016 at 2:20 PM, Kidd Filby <kiddfilby at gmail.com> wrote:
>
>
>
> Also folks, don't forget, the same outcome of recording someone's call is
> MUCH easier to accomplish once it is VoIP.  IMHO, of course.  ;-)
>
>
>
> ... BUT... what's fascinating is the recent rise in end-to-end (e2e)
> encryption among IP-based communications platforms that include voice.
>
>
>
> WhatsApp, for instance, just completed the rollout of e2e encryption on
> April 5, and not just for messaging, but also for voice and video calls as
> well as file transfers (
> https://blog.whatsapp.com/10000618/end-to-end-encryption
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__blog.whatsapp.com_10000618_end-2Dto-2Dend-2Dencryption&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=NXBMKUweqEyjsPnLdKiYN2dxhQ18iIhqv6gKxWa8RwM&e=>
> ).  Just yesterday the team behind Viber announced that they will soon have
> e2e encryption for all clients.  The app Wire ( http://wire.com
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__wire.com&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=s0P24iUsIb4FU2rZ9YaaIn1gsVb6jA2Oeu0YoEDq6y0&e=>
> ) also does e2e encryption for voice, video and group chats.
>
>
>
> In a US Congress hearing this week, a Congressman asked a Dept of Homeland
> Security representative if e2e encryption available in apps would have
> prevented this interception that happened via SS7. The DHS answer was that
> it would mitigate the interception of the content, although the location
> meta-data would still be available.  (You can view the exchange via the
> link in this tweet:
> https://twitter.com/csoghoian/status/722854012567969794
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__twitter.com_csoghoian_status_722854012567969794&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=UJf4zA4kmH2CF_OG1ESNYtGC_6hytXx1oxXRCaijN3M&e=>
> )
>
>
>
> The end result is that we're definitely moving to a space where the
> communication over IP-based solutions will wind up being far more secure
> than what we had before.
>
>
>
> Interesting times,
>
> Dan
>
>
>
> --
>
>
>
> Dan York
>
> dyork at lodestar2.com  +1-802-735-1624   Skype:danyork
>
> My writing -> http://www.danyork.me/
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.danyork.me_&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=1tJ3a90UREz7qDElplqt-_ZCxGSIQM13CbKJzTWGQJM&e=>
>
> http://www.danyork.com/
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.danyork.com_&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=kSavjgKqquFSm8Dkxir_Loji91imTbDbGoi84xbo6ok&e=>
>
> http://twitter.com/danyork
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__twitter.com_danyork&d=CwMFaQ&c=N13-TaG7c-EYAiUNohBk74oLRjUiBTwVm-KSnr4bPSc&r=-GzOCp0ppLaBQPFaZ7lZ4bUUBQxpFBukitRP75oaRdQ&m=K-8CAmdREf2wOzrczAmJFVezGkW7Xaf8hyrWjWDWZTM&s=xbVyAccZCDshp_g-4GjTTTbCxLtHE4qF4JCEM9YlwAM&e=>
> ------------------------------
> This message and any attachments are intended only for the use of the
> addressee and may contain information that is privileged and confidential.
> If the reader of the message is not the intended recipient or an authorized
> representative of the intended recipient, you are hereby notified that any
> dissemination of this communication is strictly prohibited. If you have
> received this communication in error, notify the sender immediately by
> return email and delete the message and any attachments from your system.
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
>
> --
> Kidd Filby
> 661.557.5640 (C)
> http://www.linkedin.com/in/kiddfilby
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20160424/7fab9378/attachment-0001.html>